Upload Form

**boogyman** · 10-31-2007, 03:21 PM

he's telling you how to troubleshoot it.
above the file cannot be accepted it should print out the contents.

Code:

<?php
   // Configuration - Your Options
      $allowed_filetypes = array('.jpg','.gif','.bmp','.png','.avi','.wmv',); // These will be the types of file that will pass the validation.
      $max_filesize = 1500000; // Maximum filesize in BYTES (currently 0.5MB).
      $upload_path = 'uploads/'; // The place the files will be uploaded to (currently a 'files' directory).
 
   $filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
 
$ext = substr($filename, strpos($filename,'.'));
echo $ext;

**pssparkman** · 10-31-2007, 04:46 PM

Well after some searching I found another upload script that works fine, just needs some tweaking to do what I need it to do but it works. On another note, how can I get the upload script to send out an email saying that something to the nature of

The file "file" has been uploaded to "directory" on "date".

Any help with this will be appreciated.

**insanemonkey** · 11-01-2007, 06:32 PM

this is what i use,

Code:

<?php

  error_reporting(E_ALL ^ E_NOTICE); // Show all major errors.

  // Check to see if the button has been pressed
  if (!empty($_REQUEST['sendForm']))
  {
    // Assign the name to a variable
    $name = $_FILES['uploaded_file']['name'];
    // Assign the tmp_name to a variable
    $tmp_name = $_FILES['uploaded_file']['tmp_name'];
    // Assign the error to a variable
    $error = $_FILES['uploaded_file']['error'];
    // Assign the size to a variable
    $size = $_FILES['uploaded_file']['size'];
    // No trailing slash
    $uploadFilesTo = 'imgs';
    // Create safe filename
    $name = ereg_replace('[^A-Za-z0-9.]', '-', $name);
    // Disallowed file extensions
    $naughtyFileExtension = array("php2", "php3", "php4", "php5", "asp", "inc", "txt", "wma", "mov", "js", "exe", "jsp", "map", "obj", " ", "", "html", "mp3", "mpu", "wav", "cur", "ani", "fla", "swf");
    // Returns an array that includes the extension
    $fileInfo = pathinfo($name);
    // Check extension
    if (!in_array($fileInfo['extension'], $naughtyFileExtension))
    {
      // Get filename
      $name = getNonExistingFilename($uploadFilesTo, $name);
      // Upload the file
      if (move_uploaded_file($tmp_name, $uploadFilesTo.'/'.$name))
      {
          // Show success message
          echo '<center><a href="http://www.xudas.com/forum/imgupload/'.$uploadFilesTo.'/'.$name.'" target="_blank">
<img src="http://www.xudas.com/forum/imgupload/'.$uploadFilesTo.'/'.$name.'" align="top" width="100" border="0"></a>
<textarea>http://www.xudas.com/forum/imgupload/'.$uploadFilesTo.'/'.$name.'</textarea></center>';
      }
      else
      {
          // Show failure message
          echo '<center><SPAN style="color:gray">File failed to upload to /'.$name.'</span></center>';
      }
    }
    else
    {
        // Bad File type
        echo '<center><SPAN style="color:gray">The file uses an extension we don\'t allow.</span></center>';
    }
  }
 
  // Functions do not need to be inline with the rest of the code
  function getNonExistingFilename($uploadFilesTo, $name)
  {
      if (!file_exists($uploadFilesTo . '/' . $name))
          return $name;
     
      return getNonExistingFilename($uploadFilesTo, rand(100, 200) . '_' . $name);
  }
?>
<BR>
<center>
<table bgcolor="#000000" border="0" width="100%">
<tr><td>
<form action="" method="post"    enctype="multipart/form-data">
  <input type="file" name="uploaded_file">
  <input type="submit" name="sendForm" value="Upload">
</form>

</td></tr>
</table>
</center>

this one you can actually not allow certain file types... have fun

**Twey** · 11-01-2007, 06:35 PM

It's a lot safer to only allow certain file types (e.g. you missed out .phtml there).

**insanemonkey** · 11-01-2007, 06:44 PM

OMg there is a phtml, what is the world coming to, why do they have so many html things, all they need is html and htm ok!!!

geesh...

thanks for telling me..

is there a way i could turn this upload into just allowing certain file types, instead of me typing in everyone i dont want...

I cant seem to figure it out.... help plz

**pssparkman** · 11-01-2007, 06:47 PM

I do however want to put in the form a way that when an upload is successful an email goes out to a specified address (listed inside the form) that a file has been uploaded. How can I approach this?

**Twey** · 11-01-2007, 07:00 PM

is there a way i could turn this upload into just allowing certain file types, instead of me typing in everyone i dont want...

Just take away the ! before the in_array() call. You might want to rename $naughtyFileTypes for clarity.

OMg there is a phtml, what is the world coming to, why do they have so many html things, all they need is html and htm ok!!!

It's actually a PHP extension.

**insanemonkey** · 11-01-2007, 07:14 PM

oooh more php, what i would do is have it uploaded

post it as get method like
http://www.yourdomain.com/uploaded/index.php?upload=$file

then have a email box below allow users to put in their email address then(like a contact form) when the users submit it sends them
$file

eek sorry confusing a litle

**pssparkman** · 11-01-2007, 07:31 PM

Sorry, maybe I didn't explain it enough. I want to specify an email address inside the code that when the upload is successful it send an email to that user that "file name" has been uploaded to "dir" on "date". I don't need the user to submit an address for the email to go to. The address is already coded within the form.

**insanemonkey** · 11-01-2007, 07:47 PM

use something like this. you have to use session in a way to identify the user..

$to = "$useremail";

if($submit)
{
mail("$uploadedfile");

} else {
echo "There was an error please try again";
}
?>
try this for like a process page

Thread: Upload Form

Thread Tools

Search Thread

Bookmarks

Bookmarks

Posting Permissions